You thought you always immediately remove the phishing messages from your Inbox? Let's see if that is still the case in 2024. In 2024, phishing will become less recognizable, more vicious and it will become active in places where you least expect it. Conclusion: these 3 factors ensure that you can no longer do it alone.
Phishing: the flashy email from the Nigerian prince is no longer there. Why? Because it no longer comes from an unknown fantasy figure from a faraway land. And on top of that: because it no longer just comes in the form of an email. We see that phishing is looking for new, more effective ways. And that is becoming increasingly successful. We will show you how this will work out in 2024 and how you can avoid falling into it.
vishing
The variant on the rise. vishing is fraud using the spoken word as a method. This usually takes place in several steps. You click on (there it is again) the wrong link. Malware is then installed on your PC without your knowledge. To solve it, all you have to do is call a phone number. but as you understand: the opposite happens.
The person on the line is trying to get your information so that they can make their move. This form of scam has become much more common this year. That trend will most likely continue into 2024.
Increasing damage amount
It may take more effort for the perpetrators, but the returns make it worth it. The average amount of damage has increased enormously this year, as of late APWG to see. The Anti-Phishing Work Group reports in its latest quarterly report of 2023 that the average cost of a successful attack has increased from €175.263 to €274.870. That is an increase of 57%.
Social Engineering
This is partly due to phishing, but also due to another recent trend. That of Social Engineering. In short, this means that malicious parties do research in advance to determine who will be the next victim.
You can also combat phishing with training. For you and your colleagues.
Once chosen, a strategy is set up based on as much personal information as possible from that person and those close to them. To maximize the chance of success of phishing. After all, you are much more likely to click on a link in an email from your colleague or friend. You can immediately read through those emails from that rich baron from Far Away; maybe not this one. Hackers need to put more effort into this.
So there's some preliminary work, but successful phishing across multiple disks and stages is increasingly paying off. Verizon indicates that this type of phishing will almost double by 2023. We expect this will certainly continue in 2024.
We also mention the obvious reason why Social Engineering is so popular: because it works. Proofpoint Cyber Security's State of the Phish states that this does not only apply to names of famous people. Familiar brands are also less likely to ring a bell. In the same report, Proofpoint says that around 44% of recipients click on a link in a well-known branded email.
The last factor we mention for greater success is phishing, in short: the whole. Thanks to AI (artificial intelligence), like text generators like ChatGPT, phishing looks better and reads much more pleasantly. In addition, AI ensures that the email is also technically correct more often. So in this case: the email gets through the spam filter more often.
You may have opened emails from the bank in the past asking you to log in. You did not. The sentence contained a typo or a glaring d/t error. These are also becoming less common, which also increases the success rate.
In other words, think twice before claiming that you see through phishing. And take the problem seriously and prevent intrusion. That happens through to have everything technically in order. But just as much through training. For example with the Security Awareness Training from Aumatics.
